Early this December, around 100,000 computers in China were infected with poorly-written ransomware that encrypted user data on the infected computers. The ransomware also included an information-stealing component that harvested login credentials for several Chinese online services. The attacker demanded a ransom of 110 Yuan ($16) in exchange for decrypting the files, payable via WeChat, a social platform that sees ubiquitous use in China.
On December 4th, Huorong Security, a company that provides anti-virus software and other network security solutions, reported the attack. Huorong identified that the malicious code not only locked the computers but also stole the credentials of users who accessed popular online platforms like Tmall, Aliwangwang, Alipay, 163 Mailbox, Baidu Cloud, Jingdong, and QQ. Although the hack affected tens of thousands of users, the infection was limited to devices in China and it was identified that the encryption techniques the hacker used were very basic.
Following the initial reports of the hack, WeChat immediately deactivated the QR code the hacker was using to accept ransom payments. As a precautionary measure, authorities have requested the users of several services—including Alipay, Baidu Yun, Netease 163, Tencent QQ, Taobao, Tmall, and Jingdong—to change their passwords.
The authorities were able to track down and arrest a 22-year-old man named Luo Moumou on December 5th, who admitted his role in the attack.
Don't want to make the news for the wrong reasons? Download ManageEngine DataSecurity Plus, a tool that can detect, classify , and secure personal data , and mitigate ransomware attacks.
Investing in a ransomware detection tool will help you detect and respond to ransomware attacks in real time to minimize the impact they have on your organization. ManageEngine offers DataSecurity Plus as an automatic ransomware threat identification and mitigation solution. The tool can perform the following without requiring any manual intervention:
To avoid such untoward incidents, it's wise to follow eight best practices to protect your organization. Try out all these features by downloading the free, 30-day trial version of DataSecurity Plus today.
Subscribe to our digest to get your weekly dose of cyber security updates straight to your inbox.
You will receive weekly cybersecurity news soon!
© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.